Fuzz introspector: fuzz_sudo_conf
For issues and ideas: https://github.com/ossf/fuzz-introspector/issues

Fuzz blockers

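The following are the branches that the fuzzer fails to get past. Each row reports the complexity and the functions that are reachable behind the blocked branch but were not covered.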

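Unique non-covered Complexity | Unique Reachable Complexities | Unique Reachable Functions | All non-covered Complexity | All Reachable Complexity | Function Name | Function Callsite | Blocked Branch

(Each row below is split over several lines: the first three columns, with the function count followed by ":" and the list of unique reachable functions, then the remaining five columns.)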
33 33 1 :

['sudo_fatal_nodebug_v1']

33 33 _rs_stir call site: 00025 /src/sudo/lib/util/./arc4random.c:99
28 34 2 :

['sudo_warn_nodebug_v1', 'sudo_warn_gettext_v1']

34 42 sudo_conf_read_v1 call site: 00075 /src/sudo/lib/util/./sudo_conf.c:709
10 86 4 :

['__errno_location', 'sudo_arc4random_buf', 'mkdirat', 'openat']

10 86 mktemp_internal call site: 00038 /src/sudo/lib/util/./mktemp.c:107
10 10 2 :

['fputs', 'putc']

12 14 warning call site: 00052 /src/sudo/lib/util/./fatal.c:192
5 5 1 :

['sudo_basename_v1']

14 14 initprogname2 call site: 00005 /src/sudo/lib/util/./progname.c:67
2 2 1 :

['__errno_location']

36 38 sudo_conf_read_v1 call site: 00070 /src/sudo/lib/util/./sudo_conf.c:657
2 2 1 :

['strcmp']

9 9 initprogname2 call site: 00006 /src/sudo/lib/util/./progname.c:79
2 2 1 :

['close']

4 6 sudo_conf_read_v1 call site: 00092 /src/sudo/lib/util/./sudo_conf.c:756
2 2 1 :

['setlocale']

2 4 sudo_conf_read_v1 call site: 00094 /src/sudo/lib/util/./sudo_conf.c:763
0 38 3 :

['sudo_warn_gettext_v1', 'sudo_warnx_nodebug_v1', 'free']

0 40 parse_debug call site: 00000 /src/sudo/lib/util/./sudo_conf.c:295
0 38 2 :

['sudo_warnx_nodebug_v1', 'sudo_warn_gettext_v1']

0 40 parse_path call site: 00000 /src/sudo/lib/util/./sudo_conf.c:214
0 38 3 :

['sudo_warn_gettext_v1', 'sudo_warnx_nodebug_v1', 'free']

0 40 parse_plugin call site: 00000 /src/sudo/lib/util/./sudo_conf.c:370

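Fuzzer calltree

Each line gives the call depth (0 is the fuzzer entry point), the callee, and a five-digit call-site index; the "call site" values in the Fuzz blockers table appear to refer to these indices.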

0 LLVMFuzzerTestOneInput [function] [call site] 00000
1 sudo_conf_plugins_v1 [function] [call site] 00001
1 sudo_conf_debugging_v1 [function] [call site] 00002
1 initprogname [function] [call site] 00003
2 initprogname2 [function] [call site] 00004
3 sudo_getprogname [function] [call site] 00005
3 sudo_basename_v1 [function] [call site] 00006
4 strrchr [call site] 00007
3 strcmp [call site] 00008
3 sudo_setprogname [function] [call site] 00009
4 sudo_basename_v1 [function] [call site] 00010
1 getenv [call site] 00011
1 sudo_warn_set_conversation_v1 [function] [call site] 00012
1 fuzz_conversation [function] [call site] 00013
1 sudo_mkstemp [function] [call site] 00014
2 mktemp_internal [function] [call site] 00015
3 strlen [call site] 00016
3 __errno_location [call site] 00017
3 __errno_location [call site] 00018
3 __errno_location [call site] 00019
3 sudo_arc4random_buf [function] [call site] 00020
4 _rs_random_buf [function] [call site] 00021
5 _rs_stir_if_needed [function] [call site] 00022
6 getpid [call site] 00023
6 _rs_stir [function] [call site] 00024
7 getentropy [call site] 00025
7 sudo_fatal_nodebug_v1 [function] [call site] 00026
8 __errno_location [call site] 00027
8 do_cleanup [function] [call site] 00028
8 exit [call site] 00029
7 _rs_init [function] [call site] 00030
8 chacha_keysetup [function] [call site] 00031
8 chacha_ivsetup [function] [call site] 00032
7 _rs_rekey [function] [call site] 00033
8 chacha_encrypt_bytes [function] [call site] 00034
7 explicit_bzero [call site] 00036
5 _rs_rekey [function] [call site] 00037
3 openat [call site] 00038
3 mkdirat [call site] 00039
3 __errno_location [call site] 00040
1 write [call site] 00041
1 close [call site] 00042
1 close [call site] 00043
1 sudo_conf_clear_paths_v1 [function] [call site] 00044
2 sudo_debug_enter_v1 [function] [call site] 00045
1 sudo_conf_read_v1 [function] [call site] 00046
2 sudo_debug_enter_v1 [function] [call site] 00047
2 setlocale [call site] 00048
2 sudo_warn_nodebug_v1 [function] [call site] 00049
3 __errno_location [call site] 00050
3 warning [function] [call site] 00051
4 __errno_location [call site] 00052
4 sudo_getprogname [function] [call site] 00053
4 vsnprintf [call site] 00054
4 vsnprintf [call site] 00055
4 sudo_getprogname [function] [call site] 00056
4 fputs [call site] 00057
4 fputs [call site] 00058
4 vfprintf [call site] 00059
4 fputs [call site] 00060
4 fputs [call site] 00061
4 putc [call site] 00062
4 __errno_location [call site] 00063
2 sudo_debug_exit_int_v1 [function] [call site] 00064
2 strdup [call site] 00065
2 sudo_warn_gettext_v1 [function] [call site] 00066
3 dgettext [call site] 00067
2 sudo_debug_exit_int_v1 [function] [call site] 00068
2 setlocale [call site] 00069
2 sudo_strlcpy [function] [call site] 00070
2 __errno_location [call site] 00071
2 sudo_warn_nodebug_v1 [function] [call site] 00072
2 open [call site] 00073
2 sudo_warn_gettext_v1 [function] [call site] 00074
2 fdopen [call site] 00075
2 sudo_warn_gettext_v1 [function] [call site] 00076
2 sudo_conf_init [function] [call site] 00077
3 sudo_debug_enter_v1 [function] [call site] 00078
3 sudo_conf_clear_paths_v1 [function] [call site] 00079
3 sudo_debug_exit_v1 [function] [call site] 00080
2 sudo_parseln_v2 [function] [call site] 00081
3 sudo_debug_enter_v1 [function] [call site] 00082
3 getdelim [call site] 00083
3 __ctype_b_loc [call site] 00084
3 realloc [call site] 00085
3 sudo_debug_printf2_v1 [function] [call site] 00086
3 sudo_debug_exit_ssize_t_v1 [function] [call site] 00087
3 sudo_debug_exit_ssize_t_v1 [function] [call site] 00088
2 strncasecmp [call site] 00089
2 __ctype_b_loc [call site] 00090
2 __ctype_b_loc [call site] 00091
2 sudo_debug_printf2_v1 [function] [call site] 00092
2 fclose [call site] 00093
2 close [call site] 00094
2 setlocale [call site] 00095
2 sudo_debug_exit_int_v1 [function] [call site] 00096
1 sudo_conf_askpass_path_v1 [function] [call site] 00097
1 sudo_conf_askpass_path_v1 [function] [call site] 00098
1 sudo_conf_sesh_path_v1 [function] [call site] 00099
1 sudo_conf_sesh_path_v1 [function] [call site] 00100
1 sudo_warnx_nodebug_v1 [function] [call site] 00101
1 sudo_conf_intercept_path_v1 [function] [call site] 00103
1 sudo_conf_intercept_path_v1 [function] [call site] 00104
1 sudo_warnx_nodebug_v1 [function] [call site] 00105
1 sudo_conf_noexec_path_v1 [function] [call site] 00106
1 sudo_conf_noexec_path_v1 [function] [call site] 00107
1 sudo_warnx_nodebug_v1 [function] [call site] 00108
1 sudo_conf_plugin_dir_path_v1 [function] [call site] 00109
1 sudo_conf_plugin_dir_path_v1 [function] [call site] 00110
1 sudo_warnx_nodebug_v1 [function] [call site] 00111
1 sudo_conf_disable_coredump_v1 [function] [call site] 00112
1 sudo_warnx_nodebug_v1 [function] [call site] 00113
1 sudo_conf_group_source_v1 [function] [call site] 00114
1 sudo_conf_group_source_v1 [function] [call site] 00115
1 sudo_warnx_nodebug_v1 [function] [call site] 00116
1 sudo_conf_max_groups_v1 [function] [call site] 00117
1 sudo_warnx_nodebug_v1 [function] [call site] 00118
1 sudo_conf_probe_interfaces_v1 [function] [call site] 00119
1 sudo_warnx_nodebug_v1 [function] [call site] 00120
1 sudo_conf_plugins_v1 [function] [call site] 00121
1 sudo_warnx_nodebug_v1 [function] [call site] 00122
1 sudo_conf_debugging_v1 [function] [call site] 00123
1 sudo_warnx_nodebug_v1 [function] [call site] 00124
1 sudo_getprogname [function] [call site] 00125
1 sudo_conf_debug_files_v1 [function] [call site] 00126
2 sudo_debug_enter_v1 [function] [call site] 00127
2 sudo_basename_v1 [function] [call site] 00128
2 strcmp [call site] 00129
2 strcmp [call site] 00130
2 sudo_debug_exit_ptr_v1 [function] [call site] 00131
2 sudo_debug_exit_ptr_v1 [function] [call site] 00132
1 sudo_getprogname [function] [call site] 00133
1 sudo_warnx_nodebug_v1 [function] [call site] 00134
1 unlink [call site] 00135
1 fflush [call site] 00136